use of org.opencastproject.security.impl.jpa.JpaUser in project opencast by opencast.
the class JpaUserAndRoleProvider method updateUser.
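/**
* Updates an existing user in the persistence layer.
*
* @param user
* the user to save; an empty password leaves the stored password unchanged
* @return the updated user
* @throws NotFoundException
* if no user with the given username exists in the user's organization
* @throws org.opencastproject.security.api.UnauthorizedException
* if the current user is not allowed to handle the requested roles or the roles the stored user already holds
*/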
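public User updateUser(JpaUser user) throws NotFoundException, UnauthorizedException {
  // Authorization check 1: the roles requested for the user. Judging by the error message this
  // stops a caller from granting the admin role; the exact rule lives in UserDirectoryUtils.
  if (!UserDirectoryUtils.isCurrentUserAuthorizedHandleRoles(securityService, user.getRoles())) {
    throw new UnauthorizedException("The user is not allowed to set the admin role on other users");
  }

  JpaUser existing = UserDirectoryPersistenceUtil.findUser(user.getUsername(), user.getOrganization().getId(), emf);
  if (existing == null) {
    throw new NotFoundException("User " + user.getUsername() + " not found.");
  }

  logger.debug("updateUser({})", user.getUsername());

  // Authorization check 2: the roles the stored user already holds. Without it, a caller who
  // passes check 1 by requesting only harmless roles could still overwrite an admin account,
  // including its password.
  if (!UserDirectoryUtils.isCurrentUserAuthorizedHandleRoles(securityService, existing.getRoles())) {
    throw new UnauthorizedException("The user is not allowed to update an admin user");
  }

  // Only update the password if a value is set. The stored value is taken from the record
  // loaded above rather than from a second lookup: a second lookup can return null if the user
  // is deleted in between, and a null password on the request is treated like an empty one
  // instead of failing with a NullPointerException.
  String submittedPassword = user.getPassword();
  String encodedPassword;
  if (submittedPassword == null || submittedPassword.isEmpty()) {
    encodedPassword = existing.getPassword();
  } else {
    // NOTE(review): the username is passed as the second argument, presumably as a salt; the
    // hashing scheme is not visible here, so confirm it is suitable for password storage.
    encodedPassword = PasswordEncoder.encode(submittedPassword, user.getUsername());
  }

  // Only save internal roles
  Set<JpaRole> roles = UserDirectoryPersistenceUtil.saveRoles(filterRoles(user.getRoles()), emf);
  JpaOrganization organization = UserDirectoryPersistenceUtil.saveOrganization((JpaOrganization) user.getOrganization(), emf);

  JpaUser replacement = new JpaUser(user.getUsername(), encodedPassword, organization, user.getName(),
          user.getEmail(), user.getProvider(), true, roles);
  JpaUser updatedUser = UserDirectoryPersistenceUtil.saveUser(replacement, emf);

  // Replace the cache entry keyed by username + DELIMITER + organization id with the saved record.
  cache.put(user.getUsername() + DELIMITER + organization.getId(), updatedUser);
  updateGroupMembership(user);
  return updatedUser;
}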
use of org.opencastproject.security.impl.jpa.JpaUser in project opencast by opencast.
the class UserDirectoryPersistenceUtil method saveUser.
/**
* Persists a user
*
* @param user
* the user to persist
* @param emf
* the entity manager factory
* @return the persisted user
*/
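public static JpaUser saveUser(JpaUser user, EntityManagerFactory emf) {
  // No authorization check is performed here; callers must enforce it before saving.
  EntityManager em = null;
  EntityTransaction tx = null;
  try {
    em = emf.createEntityManager();
    tx = em.getTransaction();
    tx.begin();
    // Insert-or-update keyed on (username, organization id): a new user is persisted as is,
    // an existing one is overwritten under the id of the stored record.
    // NOTE(review): findUser is given the factory, not this entity manager, so the lookup
    // presumably runs outside this transaction; confirm.
    JpaUser existing = findUser(user.getUsername(), user.getOrganization().getId(), emf);
    if (existing == null) {
      em.persist(user);
    } else {
      user.setId(existing.getId());
      user = em.merge(user);
    }
    tx.commit();
    return user;
  } finally {
    // tx is still null when createEntityManager() or getTransaction() threw; without the null
    // guard the cleanup would raise a NullPointerException that hides the original failure.
    if (tx != null && tx.isActive()) {
      tx.rollback();
    }
    if (em != null) {
      em.close();
    }
  }
}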
use of org.opencastproject.security.impl.jpa.JpaUser in project opencast by opencast.
the class UserDirectoryPersistenceUtil method deleteUser.
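/**
* Deletes the user with the given name in the given organization
*
* @param username
* the name of the user to delete
* @param orgId
* the organization id
* @param emf
* the entity manager factory
* @throws NotFoundException
* if no user with the given name exists in the given organization
* @throws Exception
* if removing the user or committing the transaction fails
*/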
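public static void deleteUser(String username, String orgId, EntityManagerFactory emf) throws NotFoundException, Exception {
  // No authorization check is performed here; callers must verify that the current user may
  // delete this account before calling.
  EntityManager em = null;
  EntityTransaction tx = null;
  try {
    em = emf.createEntityManager();
    tx = em.getTransaction();
    tx.begin();
    JpaUser user = findUser(username, orgId, emf);
    if (user == null) {
      throw new NotFoundException("User with name " + username + " does not exist");
    }
    // remove() needs an instance managed by this entity manager, hence the merge() first
    // (findUser is given the factory, so it presumably loads through a different one).
    em.remove(em.merge(user));
    tx.commit();
  } finally {
    // Cleanup for every exit path: the not-found case used to leave the begun transaction
    // open, and a failure before em/tx were assigned used to end in a NullPointerException
    // that replaced the real error.
    if (tx != null && tx.isActive()) {
      tx.rollback();
    }
    if (em != null) {
      em.close();
    }
  }
}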
use of org.opencastproject.security.impl.jpa.JpaUser in project opencast by opencast.
the class JpaGroupRoleProviderTest method testRemoveGroupNotAllowedAsNonAdminUser.
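@Test
public void testRemoveGroupNotAllowedAsNonAdminUser() throws UnauthorizedException {
  // Fixture: a group that carries the global admin role. It is added before the security
  // service is swapped, presumably under the fixture's default (privileged) user.
  JpaGroup group = new JpaGroup("test", org1, "Test", "Test group", Collections.set(new JpaRole(SecurityConstants.GLOBAL_ADMIN_ROLE, org1)));
  try {
    provider.addGroup(group);
    Group loadGroup = provider.loadGroup(group.getGroupId(), group.getOrganization().getId());
    assertNotNull(loadGroup);
    assertEquals(group.getGroupId(), loadGroup.getGroupId());
  } catch (Exception e) {
    // Keep the cause in the message so a broken set-up is not mistaken for an authorization bug.
    fail("The group should be added: " + e);
  }

  // Switch the current user to one that only holds ROLE_USER.
  JpaUser user = new JpaUser("user", "pass1", org1, "User", "user@localhost", "opencast", true, Collections.set(new JpaRole("ROLE_USER", org1)));
  // Set the security service
  SecurityService securityService = EasyMock.createNiceMock(SecurityService.class);
  EasyMock.expect(securityService.getUser()).andReturn(user).anyTimes();
  EasyMock.expect(securityService.getOrganization()).andReturn(org1).anyTimes();
  EasyMock.replay(securityService);
  provider.setSecurityService(securityService);

  // A non-admin must not be able to remove a group that grants the admin role: expect 403.
  Response removeGroupResponse = provider.removeGroup(group.getGroupId());
  assertNotNull(removeGroupResponse);
  assertEquals(HttpStatus.SC_FORBIDDEN, removeGroupResponse.getStatus());
}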
use of org.opencastproject.security.impl.jpa.JpaUser in project opencast by opencast.
the class JpaGroupRoleProviderTest method testAddGroupNotAllowedAsNonAdminUser.
@Test(expected = UnauthorizedException.class)
public void testAddGroupNotAllowedAsNonAdminUser() throws UnauthorizedException {
  // Current user for this test: holds ROLE_USER only.
  JpaUser nonAdmin = new JpaUser("user", "pass1", org1, "User", "user@localhost", "opencast", true,
          Collections.set(new JpaRole("ROLE_USER", org1)));

  // Mocked security service that reports the non-admin user and org1 for every call.
  SecurityService mockSecurity = EasyMock.createNiceMock(SecurityService.class);
  EasyMock.expect(mockSecurity.getUser()).andReturn(nonAdmin).anyTimes();
  EasyMock.expect(mockSecurity.getOrganization()).andReturn(org1).anyTimes();
  EasyMock.replay(mockSecurity);
  provider.setSecurityService(mockSecurity);

  // Creating a group that carries the global admin role must be rejected with
  // UnauthorizedException; reaching fail() means the group was accepted.
  JpaGroup adminGroup = new JpaGroup("test", org1, "Test", "Test group",
          Collections.set(new JpaRole(SecurityConstants.GLOBAL_ADMIN_ROLE, org1)));
  provider.addGroup(adminGroup);
  fail("The group with admin role should not be created by an non admin user");
}